skip user if we don't have a public key
This commit is contained in:
parent
d308ec4f0e
commit
4ef9df8750
|
@ -94,10 +94,12 @@ class Application extends \OCP\AppFramework\App {
|
||||||
public function registerEncryptionModule() {
|
public function registerEncryptionModule() {
|
||||||
$container = $this->getContainer();
|
$container = $this->getContainer();
|
||||||
|
|
||||||
|
|
||||||
$this->encryptionManager->registerEncryptionModule(
|
$this->encryptionManager->registerEncryptionModule(
|
||||||
Encryption::ID,
|
Encryption::ID,
|
||||||
Encryption::DISPLAY_NAME,
|
Encryption::DISPLAY_NAME,
|
||||||
function() use ($container) {
|
function() use ($container) {
|
||||||
|
|
||||||
return new Encryption(
|
return new Encryption(
|
||||||
$container->query('Crypt'),
|
$container->query('Crypt'),
|
||||||
$container->query('KeyManager'),
|
$container->query('KeyManager'),
|
||||||
|
@ -105,6 +107,7 @@ class Application extends \OCP\AppFramework\App {
|
||||||
$container->getServer()->getLogger()
|
$container->getServer()->getLogger()
|
||||||
);
|
);
|
||||||
});
|
});
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public function registerServices() {
|
public function registerServices() {
|
||||||
|
|
|
@ -25,6 +25,7 @@
|
||||||
namespace OCA\Encryption\Crypto;
|
namespace OCA\Encryption\Crypto;
|
||||||
|
|
||||||
|
|
||||||
|
use OCA\Encryption\Exceptions\PublicKeyMissingException;
|
||||||
use OCA\Encryption\Util;
|
use OCA\Encryption\Util;
|
||||||
use OCP\Encryption\IEncryptionModule;
|
use OCP\Encryption\IEncryptionModule;
|
||||||
use OCA\Encryption\KeyManager;
|
use OCA\Encryption\KeyManager;
|
||||||
|
@ -67,6 +68,7 @@ class Encryption implements IEncryptionModule {
|
||||||
/** @var Util */
|
/** @var Util */
|
||||||
private $util;
|
private $util;
|
||||||
|
|
||||||
|
|
||||||
/** @var ILogger */
|
/** @var ILogger */
|
||||||
private $logger;
|
private $logger;
|
||||||
|
|
||||||
|
@ -161,6 +163,9 @@ class Encryption implements IEncryptionModule {
|
||||||
* @param string $path to the file
|
* @param string $path to the file
|
||||||
* @return string remained data which should be written to the file in case
|
* @return string remained data which should be written to the file in case
|
||||||
* of a write operation
|
* of a write operation
|
||||||
|
* @throws PublicKeyMissingException
|
||||||
|
* @throws \Exception
|
||||||
|
* @throws \OCA\Encryption\Exceptions\MultiKeyEncryptException
|
||||||
*/
|
*/
|
||||||
public function end($path) {
|
public function end($path) {
|
||||||
$result = '';
|
$result = '';
|
||||||
|
@ -171,7 +176,16 @@ class Encryption implements IEncryptionModule {
|
||||||
}
|
}
|
||||||
$publicKeys = array();
|
$publicKeys = array();
|
||||||
foreach ($this->accessList['users'] as $uid) {
|
foreach ($this->accessList['users'] as $uid) {
|
||||||
$publicKeys[$uid] = $this->keyManager->getPublicKey($uid);
|
try {
|
||||||
|
$publicKeys[$uid] = $this->keyManager->getPublicKey($uid);
|
||||||
|
} catch (PublicKeyMissingException $e) {
|
||||||
|
$this->logger->warning('no public key found for user \'' . $uid .
|
||||||
|
'\', user will not be able to read the file', array('app' => 'encryption'));
|
||||||
|
// if the public key of the owner is missing we should fail
|
||||||
|
if ($uid === $this->user) {
|
||||||
|
throw $e;
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$publicKeys = $this->keyManager->addSystemKeys($this->accessList, $publicKeys);
|
$publicKeys = $this->keyManager->addSystemKeys($this->accessList, $publicKeys);
|
||||||
|
|
|
@ -21,6 +21,7 @@
|
||||||
|
|
||||||
namespace OCA\Encryption\Tests\Crypto;
|
namespace OCA\Encryption\Tests\Crypto;
|
||||||
|
|
||||||
|
use OCA\Encryption\Exceptions\PublicKeyMissingException;
|
||||||
use Test\TestCase;
|
use Test\TestCase;
|
||||||
use OCA\Encryption\Crypto\Encryption;
|
use OCA\Encryption\Crypto\Encryption;
|
||||||
|
|
||||||
|
@ -63,6 +64,74 @@ class EncryptionTest extends TestCase {
|
||||||
$this->utilMock,
|
$this->utilMock,
|
||||||
$this->loggerMock
|
$this->loggerMock
|
||||||
);
|
);
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* test if public key from one of the recipients is missing
|
||||||
|
*/
|
||||||
|
public function testEndUser1() {
|
||||||
|
$this->instance->begin('/foo/bar', 'user1', 'r', array(), array('users' => array('user1', 'user2', 'user3')));
|
||||||
|
$this->endTest();
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* test if public key from owner is missing
|
||||||
|
*
|
||||||
|
* @expectedException \OCA\Encryption\Exceptions\PublicKeyMissingException
|
||||||
|
*/
|
||||||
|
public function testEndUser2() {
|
||||||
|
$this->instance->begin('/foo/bar', 'user2', 'r', array(), array('users' => array('user1', 'user2', 'user3')));
|
||||||
|
$this->endTest();
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* common part of testEndUser1 and testEndUser2
|
||||||
|
*
|
||||||
|
* @throws PublicKeyMissingException
|
||||||
|
*/
|
||||||
|
public function endTest() {
|
||||||
|
// prepare internal variables
|
||||||
|
$class = get_class($this->instance);
|
||||||
|
$module = new \ReflectionClass($class);
|
||||||
|
$isWriteOperation = $module->getProperty('isWriteOperation');
|
||||||
|
$writeCache = $module->getProperty('writeCache');
|
||||||
|
$isWriteOperation->setAccessible(true);
|
||||||
|
$writeCache->setAccessible(true);
|
||||||
|
$isWriteOperation->setValue($this->instance, true);
|
||||||
|
$writeCache->setValue($this->instance, '');
|
||||||
|
$isWriteOperation->setAccessible(false);
|
||||||
|
$writeCache->setAccessible(false);
|
||||||
|
|
||||||
|
$this->keyManagerMock->expects($this->any())
|
||||||
|
->method('getPublicKey')
|
||||||
|
->will($this->returnCallback([$this, 'getPublicKeyCallback']));
|
||||||
|
$this->keyManagerMock->expects($this->any())
|
||||||
|
->method('addSystemKeys')
|
||||||
|
->will($this->returnCallback([$this, 'addSystemKeysCallback']));
|
||||||
|
$this->cryptMock->expects($this->any())
|
||||||
|
->method('multiKeyEncrypt')
|
||||||
|
->willReturn(true);
|
||||||
|
$this->cryptMock->expects($this->any())
|
||||||
|
->method('setAllFileKeys')
|
||||||
|
->willReturn(true);
|
||||||
|
|
||||||
|
$this->instance->end('/foo/bar');
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
public function getPublicKeyCallback($uid) {
|
||||||
|
if ($uid === 'user2') {
|
||||||
|
throw new PublicKeyMissingException($uid);
|
||||||
|
}
|
||||||
|
return $uid;
|
||||||
|
}
|
||||||
|
|
||||||
|
public function addSystemKeysCallback($accessList, $publicKeys) {
|
||||||
|
$this->assertSame(2, count($publicKeys));
|
||||||
|
$this->assertArrayHasKey('user1', $publicKeys);
|
||||||
|
$this->assertArrayHasKey('user3', $publicKeys);
|
||||||
|
return $publicKeys;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
Loading…
Reference in New Issue